lightning-dev

Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Original Postby Matt Morehouse

Posted on: October 16, 2023 22:10 UTC

The email discusses the two main ways of spending an "offered" HTLC txout.

The first option involves a presigned multisig covenant transaction that pays to the offerer, also known as the HTLC-timeout transaction. This option can only be spent by the offerer since it uses a presigned covenant held by them. The second option requires the receiver's signature and the preimage. Only the receiver can spend via this path.

The email provides a link to the exact script used for these transactions, which can be found at https://github.com/lightning/bolts/blob/master/03-transactions.mdoffered-htlc-outputs.